CERT Resilience Management Model— Mail-Specific Process Areas: Mail Induction (Version 1.0)


  • 8/11/2019 CERT Resilience Management Model Mail-Specific Process Areas: Mail Induction (Version 1.0)

    1/47

    CERT Resilience Management Model

    Mail-Specific Process Areas:

    Mail Induction (Version 1.0)

    Julia H. Allen

    Gregory Crabb (United States Postal Inspection Service)Pamela D. Curtis

    Nader Mehravari

    David W. White (formerly with the SEI)

    August 2014

    TECHNICAL NOTE

    CMU/SEI-2014-TN-010

    CERT Division

    http://www.sei.cmu.edu

    http://www.sei.cmu.edu/http://www.sei.cmu.edu/
  • 8/11/2019 CERT Resilience Management Model Mail-Specific Process Areas: Mail Induction (Version 1.0)

    2/47

  • 8/11/2019 CERT Resilience Management Model Mail-Specific Process Areas: Mail Induction (Version 1.0)

    3/47

Table of Contents

Abstract iii
Introduction 1
Mail Induction 3
  Purpose 3
  Outline 3
  Introductory Notes 4
  Related Process Areas 6
  Summary of Specific Goals and Practices 7
  Specific Practices by Goal 7
    MI:SG1 Establish Standards for Mail Induction 7
    MI:SG2 Induct Mail 13
    MI:SG3 Manage Risks to Mail During Induction 21
    MI:SG4 Control Mail During Induction 24
    MI:SG5 Manage Mail Discrepancies During Induction 34
  Mail Induction Process Area References 38
References 40

    CMU/SEI-2014-TN-010 | i

  • 8/11/2019 CERT Resilience Management Model Mail-Specific Process Areas: Mail Induction (Version 1.0)

    4/47

    CMU/SEI-2014-TN-010 | ii

  • 8/11/2019 CERT Resilience Management Model Mail-Specific Process Areas: Mail Induction (Version 1.0)

    5/47

Abstract

Developing and implementing measurable methodologies for improving the security and resilience of a national postal sector directly contribute to protecting public and postal personnel, assets, and revenues. Such methodologies also contribute to the security and resilience of the mode of transport used to carry mail and the protection of the global mail supply chain. Since 2011, the U.S. Postal Inspection Service (USPIS) has collaborated with the CERT Division at Carnegie Mellon University's Software Engineering Institute (SEI) to improve the resilience of selected U.S. Postal Service (USPS) products and services. The CERT Resilience Management Model (CERT-RMM) and its companion diagnostic methods served as the foundational tool for this collaboration.

This report includes one result of the USPIS/CERT collaboration. It is an extension of CERT-RMM to include a new mail-specific process area for the induction (acceptance) of mail into the U.S. domestic mail stream. The purpose is to ensure that mail is collected and accepted in accordance with USPS standards and requirements for the resilience of mail during the induction process.


Introduction

In December 2011, the U.S. Postal Inspection Service (USPIS) asked CERT staff to develop new mail-specific process areas (PAs) to manage the resilience of mail throughout its lifecycle, from induction to delivery. The initial scope of this effort included mail acceptance, revenue confirmation, mail security, mail transport, and mail custody.

The CERT Resilience Management Model (CERT-RMM) [Caralli 2011], which was developed by the CERT Division at Carnegie Mellon University's Software Engineering Institute (SEI), and its companion diagnostic methods served as the foundational tool for this collaboration. CERT-RMM is a capability-focused maturity model for improving an organization's management of operational resilience activities across the domains of security management, business continuity management, and aspects of information technology operations management. These improvements enable high-value services to meet their missions consistently and with high quality, particularly during times of stress and disruption.

The USPIS objectives for this project included the following [Crabb 2012, Joch 2013]:

• Define common criteria for assuring that U.S. Postal Service (USPS) products are resilient.
• Evaluate business partners and customer operations in their handling of mail.
• Use these new PAs in conjunction with other selected CERT-RMM PAs to evaluate new and existing USPS products, services, suppliers, and partners, in terms of their security and resilience.
• Assure that each product's contribution to USPS revenue is commensurate with services delivered.
• Identify revenue collection gaps more quickly.

The development project commenced in January 2012 and was an active collaboration between USPIS subject matter experts and CERT staff. The architecture of the mail-specific PAs follows that of the existing 26 PAs described in CERT-RMM. The scope and content of these PAs evolved significantly during the course of the development project. In July 2012, initial outlines for four mail-specific PAs, Mail Induction (MI), Mail Revenue Assurance (MRA), Mail Transportation (MT), and Mail Delivery (MD), were accepted by the USPIS, as well as an initial draft of the MRA PA.

The PAs specific to the induction of mail and to mail revenue assurance were pilot tested extensively during the Express Mail projects described in an SEI technical note titled Improving the Security and Resilience of U.S. Postal Service Mail Products and Services Using the CERT Resilience Management Model [Crabb 2014]. In April 2013, outlines for all four mail-specific PAs were accepted as baselined by the USPIS, and in July 2013, baselined versions of two complete PAs, MI and MRA [Allen 2014b], were accepted by the USPIS.

    CERT is a registered mark of Carnegie Mellon University.


Following this initial effort, the USPIS asked CERT to extend the goals and practices contained within the MT outline for U.S. domestic mail to address international mail transportation. This effort is described in the report titled CERT Resilience Management Model Mail-Specific Process Areas: International Mail Transportation, Version 1.0 [Allen 2014a].

The Mail Induction Process Area is presented in this report.


Mail Induction

Purpose

The purpose of Mail Induction (MI) is to ensure that all mailpieces (mail) are inducted (collected and accepted) in accordance with USPS standards.

Outline

MI:SG1 Establish Standards for Mail Induction
Standards for mail induction are established and maintained.

MI:SG1.SP1 Establish Standards for Mail Induction
Standards for the induction of mailpieces are identified, established, and maintained.

MI:SG2 Induct Mail
Induction of mail is established and maintained in accordance with standards.

MI:SG2.SP1 Collect Mail
Mailpieces are received by the USPS in accordance with standards.

MI:SG2.SP2 Accept Mail
Mailpieces are verified and accepted in accordance with standards.

MI:SG2.SP3 Classify and Prioritize Mail
Mailpieces are classified and prioritized in accordance with standards.

MI:SG2.SP4 Convey Mail to Origin Processing Facilities
Mailpieces are conveyed from their collection location to origin processing facilities in accordance with standards.

MI:SG3 Manage Risks to Mail During Induction
Operational risks to mail during induction are identified and addressed.

MI:SG3.SP1 Identify and Assess Risks to Mail During Induction
Operational risks to mailpieces during induction are periodically identified and assessed.

MI:SG3.SP2 Address Risks to Mail During Induction
Identified operational risks to mailpieces during induction are addressed.

MI:SG4 Control Mail During Induction
Controls to protect mail during induction are established and maintained in accordance with standards.

MI:SG4.SP1 Control Availability of Mail During Induction
Controls are established and maintained to assure availability of mailpieces during induction in accordance with standards.


MI:SG4.SP2 Control Sanctity of Mail During Induction
Controls are established and maintained to assure sanctity of mailpieces during induction in accordance with standards.

MI:SG4.SP3 Control Custody of Mail During Induction
Controls are established and maintained to assure custody of mailpieces during induction in accordance with standards.

MI:SG4.SP4 Control Visibility of Mail During Induction
Controls are established and maintained to assure visibility of mailpieces during induction in accordance with standards.

MI:SG5 Manage Mail Discrepancies During Induction
Discrepancies during the induction of mail are identified and addressed.

MI:SG5.SP1 Establish and Maintain Mail Discrepancy Plans for Induction
Plans and procedures for managing mail discrepancies during induction are established and maintained.

MI:SG5.SP2 Identify and Address Mail Discrepancies During Induction
Mail discrepancies during induction are identified and addressed in accordance with plans and procedures.

Introductory Notes

This CERT Resilience Management Model (CERT-RMM) supplemental process area describes key goals and practices that will be used as a standalone evaluation tool or in conjunction with other CERT-RMM process areas to evaluate the resilience of mail during its induction, transportation, and delivery by the USPS.

The resilient management of mail is critical to support the goals of the USPS. It requires identifying and establishing the Domestic Mail Manual (DMM) and Postal Operations Manual (POM) standards that pertain to mail resilience and putting controls in place to ensure that these standards are satisfied throughout the mail lifecycle, from induction to delivery.

Mail is defined as the combination of the classes and types of pieces that are handled by the USPS. A mailpiece is characterized by the following attributes:

• Mail class: The service purchased by the mailer, which defines the required service standard for each mailpiece. Mail class and service level (or service) are synonymous and may be used interchangeably. Mail classes are defined in the DMM and POM and include, for example, Priority Mail Express, Priority Mail, First-Class Mail, Standard Mail, Parcel Post, Media Mail and Library Mail, Periodicals, and Bound Printed Matter [DMM, pp. 6-7; POM 137.42].
• Mail type: Mail types are dependent on size, shape, and weight and include retail mail and commercial (business) mail letters, cards, flats, and parcels. Mail types are defined in the DMM [DMM, pp. 6-7].


Resilience requirements are assigned to mail so that the appropriate type and level of controls can be selected to meet these requirements. Physical, technical, and administrative controls are designed, implemented, and managed, and the effectiveness of these controls is monitored. From the time and location mail is inducted by the USPS to the time and location it is delivered, mail availability, sanctity, custody, and visibility are managed commensurate with mail class, type, and extra services. Risks to mailpieces are identified and assessed, and risks are addressed and monitored. In addition, discrepancies in the induction of mail and to the availability, sanctity, custody, and visibility of mail are identified and addressed.

The MI process area is not intended to replace standards in the DMM or the POM. Instead, MI provides a set of goals and practices that can be scaled and used to assess the maturity and capability of USPS and authorized mailers and induction organizations to satisfy the resilience requirements and standards in the DMM and the POM, as well as resilience requirements from USPS stakeholders.

Related Process Areas

The identification of mail revenue standards and the assurance of mail revenue (postage affixed, payment, discrepancies, and fraud) are addressed in the Mail Revenue Assurance process area.

Requirements for the receipt of payment are described in the Mail Revenue Assurance process area.

The protection of mail during transportation is addressed in the Mail Transportation process area.

The protection of mail during delivery is addressed in the Mail Delivery process area.

Compliance with mail induction standards is addressed in the Compliance process area.

The management of the internal control system that ensures the resilience of mailpieces and mail services during induction is addressed in the Controls Management process area.

The assignment of resilience requirements to the physical facilities where mailpieces are inducted and handled and other physical, environmental, and geographical controls to support the resilience of mailpieces and mail services during induction are managed in the Environmental Control process area.

The establishment and management of controls relating to the integrity and availability of technology assets used for mailpieces and mail services during induction are defined in the Technology Management process area.

The processes to identify and analyze events, detect incidents, and determine an appropriate organizational response for events affecting mailpieces and mail services during induction are addressed in the Incident Management and Control process area.


The controls to ensure the continuity of essential operations of mail services if a disruption occurs during induction as a result of an incident, disaster, or other disruptive event are addressed in the Service Continuity process area.

Ensuring that resilience requirements for mailpieces are met by contractors and other external entities involved during induction is addressed in the External Dependencies Management process area.

Controls to manage the performance of people in support of the resilient management of mailpieces during induction are addressed in the Human Resource Management process area.

Inventories and gap analysis of skills required for the resilient management of mailpieces during induction are addressed in the Human Resource Management process area.

The provision of awareness and training to staff necessary for the resilient management of mailpieces during induction is addressed in the Organizational Training and Awareness process area.

Summary of Specific Goals and Practices

MI:SG1 Establish Standards for Mail Induction
  MI:SG1.SP1 Establish Standards for Mail Induction
MI:SG2 Induct Mail
  MI:SG2.SP1 Collect Mail
  MI:SG2.SP2 Accept Mail
  MI:SG2.SP3 Classify and Prioritize Mail
  MI:SG2.SP4 Convey Mail to Origin Processing Facilities
MI:SG3 Manage Risks to Mail During Induction
  MI:SG3.SP1 Identify and Assess Risks to Mail During Induction
  MI:SG3.SP2 Address Risks to Mail During Induction
MI:SG4 Control Mail During Induction
  MI:SG4.SP1 Control Availability of Mail During Induction
  MI:SG4.SP2 Control Sanctity of Mail During Induction
  MI:SG4.SP3 Control Custody of Mail During Induction
  MI:SG4.SP4 Control Visibility of Mail During Induction
MI:SG5 Manage Mail Discrepancies During Induction
  MI:SG5.SP1 Establish and Maintain Mail Discrepancy Plans for Induction
  MI:SG5.SP2 Identify and Address Mail Discrepancies During Induction

Specific Practices by Goal

MI:SG1 Establish Standards for Mail Induction

Standards for mail induction are established and maintained.

The purpose of establishing standards, policies, operating procedures, and other specifications ("standards" for short) for mail induction is to ensure that mailers (including service providers) understand their responsibilities for preparing mail for induction and that


Collection

The DMM specifies deposit and collection standards for all classes of mail. These are examples of unique deposit and collection requirements by mail class:

• First-Class Mail
  o Retail: Single-piece First-Class Mail letters and cards may be deposited into any collection box, mail receptacle, or at any place where mail is accepted if the full required postage is paid with adhesive stamps. Metered mail and permit imprint mail must be deposited at the appropriate Post Office [DMM 136].
  o Commercial: First-Class Mail paid at Presorted or any automation prices must be deposited at locations and times designated by the postmaster. Metered mail must be deposited in locations under the jurisdiction of the licensing Post Office. USPS may collect Presorted First-Class Mail and automation First-Class Mail at a mailer's facility if part of an approved collection service for other classes of mail; space is available on the transportation required for those classes; and [DMM 236]
    - acceptance and verification are done at the customer's facility; or
    - postage is paid with permit imprint under an optional procedure; or
    - postage is paid with meter or precanceled stamps.
• Priority Mail
  o Retail: Priority Mail weighing 13 ounces or less may be deposited into any collection box, mail chute, or mail receptacle or at any place where mail is accepted if the full required postage is paid with adhesive stamps. Metered mail must be deposited in locations under the jurisdiction of the licensing Post Office. Priority Mail weighing more than 13 ounces bearing only postage stamps must be presented to USPS personnel at a retail service counter in a USPS facility [DMM 126].
  o Commercial: Mailpieces bearing postage evidencing indicia must be deposited in a collection box (except for mailings of 200 or more Critical Mail letters) or at a postal facility within the ZIP Code shown in the indicia. Pickup on Demand service is available from designated Post Offices [DMM 226].
• Priority Mail Express
  o Retail: Mail weighing more than 13 ounces bearing only postage stamps as postage may not be deposited into a collection box, Postal Service lobby drop, Automated Postal Center (APC) drop, USPS dock, customer mailbox, or other unattended location. These mailpieces are also precluded from pickup service. The sender must present such items to USPS personnel at a retail service counter in a USPS facility. Improperly presented items will be returned to the sender for proper entry and acceptance. The time and date of mailing for these items is the time and date when the items are presented and accepted [DMM 116].


  o Commercial: Commercial mail may be deposited in Express Mail collection boxes, handed to delivery and collection employees during their normal delivery and collection duties, or picked up by USPS Pickup on Demand service. The "time and date of mailing" for items deposited in these ways is the time and date the items are brought to the Priority Mail Express acceptance unit [DMM 216].

The POM specifies collection standards for specific classes of mail. One example is Priority Mail Express, which includes [POM 137.542, 137.552, 137.562]

• presentation at designated postal facilities, Priority Mail Express collection boxes, pickup services
• ensuring that the mailpiece has an appropriate label, correct postage, and that the ZIP Code supports next day delivery (verification)
• returning the mailpiece to the mailer if verification is not successful

The POM also specifies requirements for mail collection boxes (appearance, number and types, locations, removal and relocation, and records of scheduled collections) [POM 315] and types of collection boxes (residential, business area, arterial boxes on major traffic thoroughfares, and Priority Mail Express) [POM 32].

The Glossary of Postal Terms [Pub 32] provides definitions of all mail deposit and collections terms that are used in the DMM and POM.

Acceptance

The DMM specifies verification and acceptance standards for all types and classes of mail. These standards pertain to

• dimensions and weights
• elements on the face of mailpieces (addressing)
• packaging and containers
• nonmailable matter, including certain dangerous and hazardous goods
• postage affixed, labels, and barcodes
• forms, permits, and documentation
• signatures
• prices, fees, and payment methods
• quantity and bundling

These standards serve as instructions for mailers and as guidance for USPS personnel by which to judge whether mailpieces are acceptable.

Postmasters and other managers of postal facilities must prominently display in Post Office lobbies, acceptance areas, and at self-service postal centers a notice to mailers about prohibitions and requirements related to dangerous materials [POM 139.112]. Posters describing characteristics of potentially dangerous mail are also prominently displayed in postal facilities. Dangerous and hazardous mail are treated as discrepancies as described in MI:SG5, Manage Mail Discrepancies During Induction.

Availability

Standards governing mail availability are specified in the DMM, the POM, and the Administrative Support Manual [ASM 2012]. For example, the ASM contains standards relating to losses, robberies and burglaries, protection of mail against theft during collection and delivery, detention of mail, facility security, and qualifications of personnel. The POM contains standards relating to access to mail and mail handling areas [POM 137.71], indemnity claims, and sealing of mail containers.

Mail availability is also governed by statutes in 18 USC Sections 1691-1737 that protect the mail from theft, obstruction, and interference [13] and by service standards specified in Title 39 Part 121. The Universal Postal Union (UPU) publication S58, Postal security standards - General security measures, specifies that access to mail must be restricted as appropriate to postal service personnel or authorized contractors with mail handling responsibilities [UPU 2012 Part A, 8.1.2, pg. 15]. The UPU standard also specifies standards for transportation and conveyance security and for personnel integrity [UPU 2012].

Sanctity

Standards governing mail sanctity are defined in Section 274 of the Administrative Support Manual [ASM 2012]. ASM 274.1 states, "The Postal Service must preserve and protect the security of all mail in its custody from unauthorized opening, inspection, or reading of contents or covers; tampering; delay; or other unauthorized acts."

An exception is ASM 211.31, which permits the Office of Inspector General (OIG) and the U.S. Postal Inspection Service (USPIS) personnel to access mail that might be relevant to an official audit or investigation. Also, personnel of the Mail Recovery Unit may, without a warrant, read mail to try to determine where to return it.

ASM 271.63 states that "Employees must not place mail in their pockets or clothing, in their lockers or desks, or in any other personal receptacles." POM 632.6 covers protection of mail delivered to mail receptacles in apartment houses.

Courts have long held that the fourth amendment of the Constitution of the United States applies to mail: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

Postal employees may not read the backs of postcards or the contents of mail that opens accidentally in mail processing systems or from other causes, and they may not copy anything from mail content by writing or other method.

The USPS is required by 39 USC 404(c) to maintain one or more classes of mail for the transmission of letters sealed against inspection [12]. Mail sanctity is also rooted in various statutes in 18 USC Sections 1691-1737, such as Section 1702, "Obstruction of correspondence," regarding taking a mailpiece out of the mailstream to destroy it or to pry into the business or secrets of another [13].

UPU publication S58 specifies that access to mail must be restricted as appropriate to postal service personnel or authorized contractors with mail handling responsibilities [UPU PSS Part A, 8.1.2, pg. 15].

Standards for handling mail sanctity discrepancies are found in POM 169.2 (with cross-references to DMM and ASM), regarding reporting theft of mail from mail receptacles and obstruction, interception, tampering, and rifling of mail.

Custody

The DMM and POM define custody standards for all classes and types of retail and commercial mail as well as extra services (sometimes designated as accountable mail), which have specific custody and visibility requirements [DMM 503; POM 137.73; POM 137.44].

The following publications provide examples of the additional guidance on custody requirements for accountable mail and extra services:

• Priority Mail Express
  o Publication 97, Express Mail Manifesting Business and Technical Guide [Pub 97]
  o Quick Service Guide 110, Retail Letters, Flats, and Parcels [6]
  o Quick Service Guide 410, Commercial Parcels [7]
• Registered Mail: Handbook DM-901, Registered Mail [POM 476.9, pg. 315; HB DM-901]

Visibility

The DMM and POM define visibility standards for all classes and types of retail and commercial mail as well as extra services (sometimes designated as accountable mail), which have specific visibility requirements [DMM 503; POM 137.73; POM 137.44].

The following publications provide examples of the additional guidance on visibility requirements for accountable mail and extra services:

• Priority Mail Express
  o Publication 97, Express Mail Manifesting Business and Technical Guide [Pub 97]
  o Quick Service Guide 110, Retail Letters, Flats, and Parcels [6]
  o Quick Service Guide 410, Commercial Parcels [7]
• Registered Mail: Handbook DM-901, Registered Mail [POM 476.9, pg. 315; HB DM-901]

Additional standards for the visibility of mail are described in supporting specifications and guidelines for postage and barcodes such as Intelligent Mail Barcode Specification USPS-B-3200 [USPS 2009] and A Guide to Intelligent Mail for Letters and Flats [USPS 2012]. The use of Intelligent Mail barcodes (IMbs) and Intelligent Mail package barcodes (IMpbs), as well as electronic documentation that is submitted by commercial mailers, may provide mailers and the USPS with end-to-end visibility into the mailstream.

Typical Work Products

1. Standards for collection of mailpieces
2. Standards for acceptance of mailpieces
3. Standards for availability of mailpieces
4. Standards for sanctity of mailpieces
5. Standards for custody of mailpieces
6. Standards for visibility of mailpieces
7. List of federal and state laws relating to mailability and mail induction
8. Procedures for revising standards
9. Procedures for disseminating standards updates

Subpractices

1. Identify all laws, standards, policies, operating procedures, and supporting specifications and guidelines that affect mailability, mail induction practices, and resilience requirements for mailpieces during induction.
2. Communicate mail induction standards to all affected parties (USPS personnel, acceptance offices, mailers).
3. Develop and publish new standards as needed to reflect changes in mail induction practices.
4. Follow established procedures for revising existing standards.
5. Document approved revisions to existing standards in all affected publications, including cross-references in the POM to the DMM.
6. Communicate changes to mail induction standards to all affected parties (USPS personnel, acceptance offices, mailers).
7. Make standards available to mailers, USPS personnel, and other users of the standards in appropriate locations and formats.
8. Ensure that USPS personnel adhere to standards and verify that mailers adhere to standards.

MI:SG2 Induct Mail

Induction of mail is established and maintained in accordance with standards.

The induction of mail includes collecting mail from a wide range of deposit and entry points, verifying and accepting mail, classifying and prioritizing mail, and conveying mail to origin processing facilities in preparation for transportation (refer to the Mail Transportation process area).

    The first steps in the induction of mail occur when USPS personnel collect, verify, and accept a mailpiece. USPS personnel who induct mail serve a highly diverse customer base. It includes individual citizens, small volume mailers who manually prepare their mailings, and medium and high volume mailers who submit mailings containing millions of pieces with complex mail preparation that allows them to take advantage of the lowest available prices. USPS induction personnel assist mailers with mail preparation and acceptance questions, establish payment accounts and transact payment for business mailings, and provide other mailer support functions.

    USPS induction personnel classify and prioritize mail based on mail type, class, and extra services requested by the mailer and verify mail preparation and payment to ensure that mail is accepted by the USPS according to the standards associated with that type, class, and service. Verification of adherence to induction standards by USPS personnel is a first line of defense against failure to satisfy resilience requirements during mail transportation and delivery and failure to assure mail revenue.

    The DMM defines mail preparation standards for all classes of retail and commercial mail. Mailers must comply with all applicable postal standards. Although USPS induction personnel are responsible for verifying that the mailings presented to them meet the standards for the prices claimed, the burden rests with the mailer to comply with the laws and standards governing domestic mail [DMM 601.1.7, 8.8, 10.5, 10.13.5, 10.17.5]. For mailings that require a postage statement, the mailer certifies compliance with all applicable postal standards when signing the statement [DMM 607.1, pg. 1141].

    All international mail, once it enters the United States, is considered domestic mail. A condition of inducting international mail is that it meets customs requirements. The meeting of such requirements, specified in the International Mail Manual and referenced in the DMM [608.2, pg. 1144], is considered out of scope for this process area.

    MI:SG2.SP1 Collect Mail

    Mailpieces are received by the USPS in accordance with standards.

    Retail and commercial mail is collected by USPS personnel and contractors in face-to-face transactions at Post Offices, stations, branches, CPUs, community Post Offices (CPOs), military Post Offices, BMEUs, associate Post Offices (APOs), DMUs, and periodically even at nonpersonnel units [POM 123]. Mailpieces are also collected through letter collection receptacles and parcel depositories in postal facilities, USPS drop boxes and collection boxes [POM 315, 32, 33] and Priority Mail Express collection boxes, carrier pickup (at homes and businesses, including Priority Mail Express Pickup on Demand service), and authorized shippers.


    To elaborate, mail is collected from a wide range of locations and entry points, including the following [Mehravari 2013]:

    • Pickup by USPS carriers [Pub 399]

    o carrier pickup service

    o pickup on demand service (scheduled and unscheduled)

    • Dropoff by mailer

    o Outside USPS facilities

    - Priority Mail Express collection box

    - regular mail collection box

    - customer mailbox

    - USPS gopost locations

    - handed over to any delivery or collection personnel during their delivery or collection duties

    o Inside USPS facilities

    - retail service counters at Post Offices, stations, or branches

    - unattended drop off locations (for example, Post Office lobby after hours)

    - Automated Postal Center drop

    - USPS service dock

    - contract postal units and authorized shippers (third party)

    - community Post Office

    - BMEU

    - DMU

    Refer to MI:SG1.SP1, Establish Standards for Mail Induction (under Collection), for additional descriptions and examples.

    Typical Work Products

    1. Collected retail mail

    2. Collected commercial (business) mail

    3. Discrepancies in collected mail

    Subpractices

    1. Collect retail mail in accordance with standards.

    2. Collect commercial (business) mail in accordance with standards.

    3. Identify discrepancies in collected mail.

    Refer to MI:SG5, Manage Mail Discrepancies During Induction, for the handling of discrepancies in collected mail.


    MI:SG2.SP2 Accept Mail

    Mailpieces are verified and accepted in accordance with standards.

    Mailpieces are not considered accepted until they arrive at a USPS acceptance facility and are processed and verified by acceptance personnel [POM 137]. Verification of adherence to standards thus involves a variety of conditions, situations, and personnel. (The assignment of resilience requirements to the physical facilities where mailpieces are accepted is addressed in the Environmental Control process area.)

    When mail is accepted in a face-to-face transaction at a postal facility, USPS acceptance personnel help mailers prepare mail according to standards, refuse prohibited and improperly prepared mail matter, and ensure that mail is properly marked, endorsed, and paid for. Business mail is checked in upon arrival at an acceptance office and then subjected to a process to verify eligibility, processing category, machinable criteria, postage payment method, postage affixed, and endorsements. Once acceptance personnel have completed the required verification procedures and finalized the postage statement, the business mailing is considered accepted and is cleared to operations for processing or returned to the mailer for direct transportation [DAR 2012, pg. 8].

    Business letter and flat-size mailings that fall within certain dimensions may undergo automated acceptance testing on the Mail Evaluation Readability Lookup Instrument (MERLIN). MERLIN measures mailpieces against a number of DMM standards [Pub 430].

    Acceptance personnel are required to ensure that all business mail is verified and cleared prior to being loaded onto USPS and approved contractor trucks. This process includes many manual steps, such as sampling, verification of destination labels, verification of proper preparation, a count and comparison of containers against submitted documentation, verification of physically separated and sequenced mailings, and verifying that mail is properly loaded into the truck [DAR 2012, pg. 8].

    This practice addresses the verification and acceptance of mail during induction. Practices for the verification and acceptance of mail during transportation and delivery are described in the Mail Transportation process area and the Mail Delivery process area, respectively.

    Typical Work Products

    1. Accepted retail and business mail that conforms to standards

    2. Verified postage statements

    3. Accurate and complete charges against postage payment accounts

    4. Acceptance scans

    5. Discrepancies in accepted mail


    Subpractices

    1. Assist mailers in preparing mail according to standards.

    In face-to-face transactions with mailers, advise mailers on the rules of mail acceptance and assist them in selecting the mail class and packaging that is best suited to their needs.

    2. Refuse prohibited and improperly prepared mail matter.

    Refuse prohibited mail matter according to the DMM [601.810, 601.8.12] and Publication 52, Hazardous, Restricted, and Perishable Mail [Pub 52].

    Refuse mail that is not properly packed, packaged, sealed, addressed, and labeled for safe handling to the designated destination [POM 137.12] in accordance with DMM standards.

    Explain the reasons for the refusal to the mailer [POM 139.113].

    3. Verify eligibility of the mailpiece for the mail type, class, and extra services requested.

    Eligibility is defined in the DMM for retail and commercial mail, cards, flats, and parcels. It includes, for example, adherence to the content standards of the mail class and type and packaging and handling of hazardous materials and dangerous goods.

    4. Perform acceptance scans where required.

    The following are examples of acceptance scans:

    o Carriers scan Priority Mail Express, Priority Mail, and package tracking barcodes upon pickup from a home or business.

    o Carriers scan mail collected from USPS drop boxes based on mail class, type, and extra services.

    o DMUs perform a container release scan upon completion of the verification and acceptance process.

    o BMEUs perform sample scans upon completion of the verification and acceptance process.

    5. When accepting business mail, receive business mailings submitted to an acceptance office and perform initial verification:

    o Check in business mailing.

    o Verify container integrity, proper container labeling, and delivery address.

    o Verify that the contents match the destination and sortation level (sorted by processing facility or ZIP Code destinations).

    o Inspect against nonmachinable criteria to ensure that mail can be handled by automated mail processing machines. Nonmachinable criteria for each class of mail are specified in the DMM.

    o Verify processing category: presorted letters, presorted flats, machinable letters, machinable flats, parcels, etc.

    o Verify quality and content of barcode, if applicable.

    o Verify that a valid postage payment method is used. (The Mail Revenue Assurance process area provides additional information about practices related to valid types of payment.)

    6. Ensure that each mailpiece is properly marked and endorsed.

    Valid postage affixed for mailpiece types, classes, and extra services and valid endorsements (for example, address service requested, forwarding service requested, return service requested, and change service requested) are specified in the DMM. (The Mail Revenue Assurance process area provides additional information about mail revenue standards and practices related to postage affixed.)

    7. Ensure that correct payment for postage is made.

    Mailers are responsible for correct payment of postage. Postage on all mail must be fully prepaid at the time of mailing, except as specifically provided by the DMM. Acceptance personnel verify payment to ensure that it is collected according to revenue standards. Mail with insufficient, missing, or fraudulent payment is treated as a discrepancy as described in MI:SG5, Manage Mail Discrepancies During Induction, and MRA:SG2.SP4, Manage Mail Revenue Discrepancies. (The Mail Revenue Assurance process area provides additional information about mail revenue standards and practices related to payment of postage.)

    When accepting retail mail, verify that correct postage has been applied by the mailer or obtain payment from the mailer and apply the correct postage.

    When accepting business mail, verify that the appropriate postage statement supporting documentation has been submitted and that the total piece count matches what is expected from the mailer's submitted postage statement. Review the postage statement for accuracy and completeness, and review the mailer's account to verify that funds are available and applicable fees have been paid.

    8. Perform additional verification steps for specific mail types, classes, and extra services in accordance with mail induction standards.

    The following are examples of additional verification steps required for Priority Mail Express:

    o For Priority Mail Express Next Day Delivery, verify that the item was presented no later than the time authorized by the postmaster.

    o Verify that USPS Corporate Account numbers are valid.

    9. Identify discrepancies in accepted mail.

    Refer to MI:SG5, Manage Mail Discrepancies During Induction, for the handling of discrepancies in accepted mail.


    MI:SG2.SP3 Classify and Prioritize Mail

    Mailpieces are classified and prioritized in accordance with standards.

    The classification and prioritization of mailpieces are performed in order to ensure that the USPS properly directs its operational resilience resources to the class and type of mailpieces that reflect service purchased by the mailer. Classification of mail is based on mail class and type. Prioritization of mail is based on mail class, type, and extra services requested by the mailer [DMM, pp. 69; POM 137.13]. Different classifications indicate different service requirements and different service expectations and handling instructions [POM, pg. 37]. In many cases, classification and prioritization are not separable and independent activities. For example, once a mailpiece is determined to be First-Class, it is automatically given a higher priority than Parcel Post.

    One example of an extra service is Registered Mail. This extra service is the most secure service offered by the USPS. It incorporates a system of receipts to monitor the movement of the mailpiece from the point of induction to delivery. Registered Mail provides the sender with a mailing receipt and, upon request, electronic verification that the mailpiece was delivered or that a delivery attempt was made. Mailers can retrieve the mailpiece delivery status via the internet, by phone, or by bulk electronic file transfer for mailers who provide an electronic manifest to the USPS. USPS maintains a record of delivery (which includes the recipient's signature) for a specified period of time. Mailers may obtain a delivery record by purchasing return receipt service.

    The classification and prioritization of mailpieces are key considerations in the identification of adequate resilience requirements and in the implementation of strategies to ensure the sanctity of mailpieces from the time of induction to the time of delivery. Mailpiece classification and prioritization and the corresponding mail handling processes and procedures provide a way for the USPS to designate mailpieces relative to their risks and to allow for an appropriate level of mail handling, viability, and resilience. Mailpiece classification and prioritization also ensure consistent handling of mailpieces across the USPS supply chain, including with all external entities that participate in the mail transportation and delivery lifecycle.

    Each mailpiece is uniquely marked, sorted, processed, transported, and delivered to reflect its classification, prioritization, and associated extra services, in accordance with the DMM. Refer to the Mail Transportation and Mail Delivery process areas for further information.

    Typical Work Products

    1. Classified mailpieces, with sufficient postage affixed and postage that is not fraudulent

    2. Prioritized mailpieces, with sufficient postage affixed and postage that is not fraudulent

    Subpractices

    1. Classify mail based on mail type and class and in accordance with standards.

    2. Prioritize mail based on mail type, class, and extra services and in accordance with standards.


    MI:SG2.SP4 Convey Mail to Origin Processing Facilities

    Mailpieces are conveyed from their collection location to origin processing facilities in accordance with standards.

    As described in MI:SG2.SP1, Collect Mail, mailpieces are collected from a wide range of locations and entry points, including carrier pickup from homes, businesses, and mailboxes, USPS retail window mail (Post Offices or branches), contract postal units and authorized shippers, and USPS.com (online). Commercial mail in bulk and mailpiece form is collected at BMEUs and DMUs. Once mail is verified and accepted (refer to MI:SG2.SP2, Accept Mail), most retail mailpieces and some commercial mail are conveyed (transported) to processing and distribution centers (P&DCs) for origin processing. Priority Mail pieces may be conveyed to a Priority Mail Processing Center. Commercial mail may also be conveyed to Bulk Mail Centers and directly to destination Post Offices and destination delivery units (DDUs) for origin processing prior to delivery.

    Two other forms of mailing where mail is conveyed from a collection location to an origin processing facility are plant-verified drop shipments and plant-load mailings. Plant-verified drop shipments enable origin verification and postage payment for shipments transported by a mailer (or third party) at the mailer's expense, on the mailer's own or contracted vehicle, to destination USPS facilities for acceptance as mail [DMM 705.16, pg. 1393]. Plant-load mailings consist of mail from one mailer or the combined mailings of two or more mailers loaded into one or more USPS transportation vehicles and accepted by the USPS at the mailers' plants. Plant-load mailings are typically submitted to a DMU or BMEU [POM 461.43, pg. 289]. Refer to the Mail Revenue Assurance process area for more information about these forms of mailing.

    Origin processing includes all activities that are performed to prepare mail for transportation and delivery. These activities are described in the Mail Transportation process area and in the Mail Delivery process area for commercial mail that is conveyed directly to destination Post Offices and DDUs.

    In most cases, mailpieces are conveyed from collection locations to origin processing facilities in a variety of containers via trucks or trailers. Mailpieces may also be conveyed via airplanes, trains, and ships. Departure/release scans are performed on all containers and trailers (and any other forms of transport) prior to mail departing a collection location. Container and trailer unload and arrival scans are performed when mail arrives at an origin processing facility.

    Mailpieces that are conveyed from a collection location to an origin processing facility are subject to collection, verification, and acceptance activities as described in MI:SG2.SP1, Collect Mail, and MI:SG2.SP2, Accept Mail. In addition, such mailpieces are also subject to availability, sanctity, custody, and visibility controls as described in MI:SG4, Control Mail During Induction.


    Typical Work Products

    1. Conveyed retail mailpieces

    2. Conveyed commercial (business) mailpieces

    Subpractices

    1. Retail mail is conveyed from collection to origin processing facilities in accordance with standards.

    2. Commercial (business) mail is conveyed from collection to origin processing facilities in accordance with standards.

    MI:SG3 Manage Risks to Mail During Induction

    Operational risks to mail during induction are identified and addressed.

    The management of risk for mailpieces is the specific application of risk management tools, techniques, and methods to mail that is accepted, processed, transported, and delivered by the USPS. Due to the high volume of mail, the extensive geography over which it is delivered, and the number of organizations and individuals that participate in the mail process, there are many opportunities for mailpieces to be threatened and for risk to be realized by the USPS. Realized risk can result in indemnity claims, loss of market share, harm to the reputation of the USPS, and other consequences.

    Managing mailpiece operational risks involves determining where vulnerabilities and threats to mailpieces arise and where mitigation controls must be implemented to protect mailpieces from violations of their resilience requirements: availability, sanctity, custody, and visibility. Mail risk categories include, for example,

    • locations where mailpieces physically reside (containers, facilities, docks, airplanes, trucks, trains, ships, etc.). This includes risk at destination and delivery locations and facilities where it may be unsafe to deliver mail due to potential but unpredictable disruptive events (such as fires and explosions) as well as disruptive events that occur with some periodicity and predictability (such as hurricanes and winter storms).

    • mail origins and destinations (domestic and international)

    • mail aggregations (single pieces, sacks, pallets, etc.)

    • automation used in processing (Automated Parcel Processing System (APPS), MERLIN, etc.)

    • personnel (USPS employees, contract postal unit employees, BMEU employees, etc.)

    • mail under investigation

    The identification and mitigation of risks to the successful collection of mail revenue are addressed in the Mail Revenue Assurance process area.


    MI:SG3.SP1 Identify and Assess Risks to Mail During Induction

    Operational risks to mailpieces during induction are periodically identified and assessed.

    Risks that can affect mail must be identified and assessed in order to actively manage the resilience of these assets and ensure that they reach their destination as intended by the mailer and in accordance with USPS standards. The identification of mailpiece risks forms a baseline from which a continuous risk management process can be established and managed.

    The subpractices included in this practice are generically addressed in goals RISK:SG3 and RISK:SG4 in the Risk Management process area.

    Typical Work Products

    1. Mailpiece risk statements, with impact valuation

    2. List of mailpiece risks, with categorization and prioritization

    Subpractices

    1. Determine the scope of the risk assessment for mail.

    Determining which mail (type, class, extra services, type of postage, locations, etc.) to include in regular risk management activities depends on many factors, including the value of the asset to the USPS and its resilience requirements.

    2. Identify risks to mailpieces.

    Identification of risk for mailpieces requires an examination of all the places where mail is physically located from acceptance to delivery and based on mail type, class, and extra services as appropriate. Risks should be identified in these contexts so that mitigation and control actions are more targeted.

    Operational risks for mail include

    o hazardous materials

    o theft

    o unauthorized access

    o inadvertent loss during transport

    o damage

    o destruction from fire or natural disaster

    o vulnerabilities in technologies that support the acceptance of mail

    o gaps between standards and the controls in place to meet them

    3. Analyze risks to mailpieces.

    4. Categorize and prioritize risks to mailpieces.

    5. Assign a risk disposition to each mailpiece risk.

    6. Monitor the risk and the risk strategy on a regular basis to ensure that the risk does not pose an additional threat to the sanctity of mail.

    7. Develop a strategy for risks that the USPS decides to mitigate.


    MI:SG3.SP2 Address Risks to Mail During Induction

    Identified operational risks to mailpieces during induction are addressed.

    The mitigation of mailpiece risk involves the development of strategies that seek to minimize the risk to an acceptable level. This includes reducing the likelihood of risks to mailpieces, minimizing exposure to risks, developing service continuity plans to keep mailpieces viable during times of disruption, and developing recovery and restoration plans to address the consequences of realized risk.

    Risk mitigation for mailpieces requires the development of risk mitigation plans (which may include the development of new mailpiece resilience controls or revision of existing controls) and implementing and monitoring these plans for effectiveness.

    The subpractices included in this practice are generically addressed in goal RISK:SG5 in the Risk Management process area.

    Typical Work Products

    1. Mailpiece risk mitigation plans

    2. List of those responsible for addressing and tracking risks

    3. Status on mailpiece risk mitigation plans

    Subpractices

    1. Develop and implement risk mitigation strategies for all risks that have a mitigate or control disposition.

    For example, a strategy to mitigate vulnerabilities in technologies that support the acceptance of mail would be to regularly perform vulnerability scanning, analysis, and resolution on those technologies. (Refer to the Vulnerability Analysis and Resolution process area for more information.)

    2. Validate the risk mitigation plans by comparing them to existing strategies.

    3. Identify the person or group responsible for each risk mitigation plan and ensure that they have the authority to act and the proper level of skills and training to implement and monitor the plan.

    4. Address residual risk.

    5. Implement the risk mitigation plans and provide a method to monitor the effectiveness of these plans.

    6. Monitor risk status.

    7. Collect performance measures on the risk management process.


    MI:SG4 Control Mail During Induction

    Controls to protect mail during induction are established and maintained in accordance with standards.

    A control is a policy, procedure, method, technology, or tool that satisfies a stated objective. Controls can be broad or specific. Broad controls typically apply universally to all processes that can affect the availability of mail, such as an accepted cultural norm that Postal Service employees turn in other Postal Service employees who steal.

    Controls can be administrative, technical, or physical. Administrative controls ensure alignment to USPS management's intentions and include such actions as governance, setting policy, monitoring, auditing, and performance measurement. Technical controls are implemented through technology means. They typically exist in automated processes, manifested in software, hardware, devices, systems, and networks. Physical controls provide physical barriers to access that typically apply to people, containers, and facilities.

    Refer to the Human Resource Management process area for a description of candidate controls regarding the performance and integrity of USPS personnel, where such performance may affect the protection of mail during induction (for example, resilience as a job responsibility).

    Refer to the People Management process area for a description of candidate controls regarding the availability of USPS personnel to perform mail induction (for example, support to staff during disruptive events).

    Refer to the Organizational Training and Awareness process area for a description of candidate controls regarding the preparedness and readiness of USPS personnel to perform mail induction (for example, adequate training).

    MI:SG4.SP1 Control Availability of Mail During Induction

    Controls are established and maintained to assure availability of mailpieces during induction in accordance with standards.

    Availability is the requirement that mailpieces be accessible to all authorized citizens in a timely fashion as determined by the mail class and extra services. To achieve that requirement, mail must not be lost, stolen, or unnecessarily delayed. Once mail enters the mailstream, it must follow normal processing and transfer sequences and service standards. It must not be removed from the mailstream except as allowed by laws and standards such as ASM 274.3, Permissible Detention of Mail.

    Loss or theft of Insured Mail, Registered Mail, COD, or Priority Mail Express mailpieces may result in indemnity claims being filed by the mailers or addressees [POM 146]. Failure to meet service standards for Priority Mail Express may result in refunds being issued to mailers.


    Mail availability controls should satisfy standards, policies, operating procedures, and other specifications that relate to and affect the availability of mail, provide confidence that they are being followed, and reduce the risks that would result in mail being unavailable. Specific availability controls are applied to mail products, such as insurance against loss or damage for Priority Mail Express [DMM 503.1.1.7]. They also include in-process controls that happen at specific points in the mailstream lifecycle. For example, visibility scans such as the Holotrack scan for Priority Mail Express and the chain of scans and/or signatures from the point of acceptance to delivery for Registered Mail affirm that the mailpieces are still in the mailstream and show whether they've been delayed.

    Administrative controls for limiting delay of mail might include capacity management plans, alternate routes, and having separate processing areas for high-volume destinations. An example of an administrative control for protecting mail from theft is the policy requiring that all individuals who are not authorized on-duty Postal Service employees and authorized contractors must be properly escorted [ASM 273.121]. Examples of technical controls are closed circuit television systems and electronic card access control systems. Physical controls for mail availability include picture IDs, locks used to secure collection and relay boxes, facility alarm systems, and locks and numbered tin band seals on trucks that are transporting mail. Locking doors leading from Post Office box or service lobbies to workroom areas and keeping exterior lobby windows clear of obstruction to maximize observation of the lobby area are physical measures taken to help prevent robbery [ASM 226.1].

    The subpractices included in this practice are generically addressed in the Controls Management process area.

    Typical Work Products

    1. Mail availability controls (including the responsible party)

    2. Traceability matrix of standards, policies, operating procedures, and other specifications

    and mail availability controls

    3. Mail availability control gaps

    4. Mail availability control updates

    5. Discrepancies identified by mail availability controls

    Subpractices

    1. Establish and implement mail availability controls in accordance with standards.

    2. Confirm or assign responsibility for implementing availability controls.

    Confirmation is required for existing and updated controls. Assignment is required for new controls.

    3. Develop a bidirectional traceability matrix that maps standards and availability controls.


4. For standards that are not addressed by availability controls, identify and manage the risks associated with control gaps as described in MI:SG3, Manage Risks to Mail During Induction.
5. Regularly review and assess the effectiveness of availability controls and update or retire controls as needed.
As standards, services, processes, and technologies change, gaps and redundancies may arise between mail availability standards and the controls established to satisfy them. (Refer to CTRL:SG4.SP1 for further information about periodically assessing and adjusting controls.)
6. Identify discrepancies identified by mail availability controls.
Refer to MI:SG5, Manage Mail Discrepancies During Induction, for the handling of discrepancies identified by mail availability controls.

MI:SG4.SP2 Control Sanctity of Mail During Induction
Controls are established and maintained to assure sanctity of mailpieces during induction in accordance with standards.

Sanctity is the requirement that mailpieces be protected from damage, alteration of original content, disclosure, and destruction. It includes the principle of the sanctity of the seal for certain classes of mail, which protects such mailpieces against unauthorized access to their contents. Sanctity encompasses the information resilience requirements of integrity (keeping the asset in the condition intended by the owner) and confidentiality (ensuring that the asset is accessible only to authorized people, processes, and devices) for mailpieces.

Damage to Insured Mail, Registered Mail, COD, or Priority Mail Express articles may result in indemnity claims being filed by the mailers or addressees [POM 146].

Mail sanctity controls should satisfy standards, policies, operating procedures, and other specifications that relate to and affect the sanctity of mail, provide confidence that they are being followed, and reduce the risks that would result in mail sanctity being violated.

Broad controls typically apply universally to all processes that can affect the sanctity of mail, such as USPS Standards of Conduct that are impressed upon employees by supervisors and sustained by the influence of the culture. Specific sanctity controls are applied to mail products, such as use of registry cages inside Postal Service facilities to limit access to Registered Mail to authorized individuals. They also include in-process controls that happen at specific points in the mailstream lifecycle, such as the use of numbered metal seals on the doors of Postal Service trucks to ensure that the doors have not been opened between locations.

Administrative controls for sanctity include record controls and specification of approved manufacturers and models for mail receptacles in apartment houses [POM 632.628]. An example of an administrative control for protecting mail from damage is the USPS policy to containerize all classes of mail wherever possible [POM 573.1, pg. 356]. There are no technical controls for mail sanctity, although mail processing equipment does halt upon the detection of misfed mail, which has a higher chance of occurring with an unsealed piece than a sealed piece. Physical controls for mail sanctity include keys for mail receptacles in apartment houses [POM 632.627] and the use of concealed containers, robust plastic containers used to ship registered mail and other mail of value on airplanes. Controls that protect mail against theft also serve to protect mail against unauthorized access with the intent of disclosure or destruction, such as using locks to secure collection and relay boxes [ASM 278.11].

The subpractices included in this practice are generically addressed in the Controls Management process area.

Typical Work Products
1. Mail sanctity controls (including the responsible party)
2. Traceability matrix of standards, policies, operating procedures, and other specifications and mail sanctity controls
3. Mail sanctity control gaps
4. Mail sanctity control updates
5. Discrepancies identified by mail sanctity controls

Subpractices
1. Establish and implement mail sanctity controls for mailpieces in accordance with standards.
2. Confirm or assign responsibility for implementing sanctity controls.
Confirmation is required for existing and updated controls. Assignment is required for new controls.
3. Develop a bidirectional traceability matrix that maps standards and sanctity controls.
4. For standards that are not addressed by sanctity controls, identify and manage the risks associated with control gaps as described in MI:SG3, Manage Risks to Mail During Induction.
5. Regularly review and assess the effectiveness of sanctity controls and update or retire controls as needed.
As standards, services, processes, and technologies change, gaps and redundancies may arise between mail sanctity standards and the controls established to satisfy them. (Refer to CTRL:SG4.SP1 for further information about periodically assessing and adjusting controls.)
6. Identify discrepancies identified by mail sanctity controls.
Refer to MI:SG5, Manage Mail Discrepancies During Induction, for the handling of discrepancies identified by mail sanctity controls.


MI:SG4.SP3 Control Custody of Mail During Induction
Controls are established and maintained to assure custody of mailpieces during induction in accordance with standards.

Custody of mail begins when USPS facilities (such as letter collection receptacles and parcel depositories at Post Offices) and USPS personnel (such as mail carriers) collect and take physical possession of a mailpiece (refer to MI:SG2.SP1, Collect Mail, for a list of mail entry points). As a result, custody of mail can commence prior to and also during mail verification and acceptance by USPS acceptance personnel. Custody ends or terminates when mail is delivered to the addressee or their designee (personal mailbox, mail room, etc.) as described in the Mail Delivery process area. If the mail is undeliverable, custody terminates when the sender receives the mailpiece on return. A sender may be the individual who sent the mailpiece, their physical mailbox, the designated mail room for their organization that accepts mail on their behalf, etc. [DMM, pg. 1175].

In addition to mail class and type, extra services are available that provide proof of mailing, proof of delivery, or indemnification for loss or damage. Because records are kept concerning each mailpiece receiving these extra services, such mail is called accountable mail [POM 137.441]. Accountable mail has more custody requirements and controls than other classes and types of mail such as Priority or First-Class Mail without extra services. Accountable mail is mail that requires the signature of the addressee or addressee's agent upon receipt to provide evidence of delivery or indemnification for loss or damage. Examples of accountable mail include [POM 137.44; DMM 503, 505, 508; Pub 32]
• Certified Mail
• Registered Mail
• Collect on Delivery (COD)
• return receipt
• merchandise return service
• customs duty
• postage due
• Priority Mail Express
• signature confirmation
• mail insured for more than $200

Custody of mail may also be established by the type of postage that is affixed to each mailpiece. Types of postage include stamps, prepaid stationery and packaging, postage evidencing systems (which include meter imprints and PC postage products such as Click-N-Ship and stamps.com), and permit imprint mail (refer to the Mail Revenue Assurance process area for more details). Meter imprint mail may contain postage that includes information based indicia (IBI). The information contained in IBI and barcodes may be used to establish and manage custody of mailpieces. Mailpieces may also contain postage that includes an IMb. The information contained in IMbs may be used to establish and manage custody of mailpieces.

Business mailers can expedite service by using their own transportation vehicles to move mail they are originating from their DMU to the origin postal facility within a designated ZIP Code area [DAR, pg. 8]. Even though mailers are using their own transportation vehicles, the USPS accepts custody of mail at the DMU.

For satisfying standards, policies, operating procedures, and other specifications that relate to and affect the custody of mail, the focus is on the controls that demonstrate the satisfaction of such standards, provide confidence that they are being followed, and reduce the risks that would result in the inability to maintain the custody of mailpieces as required. The custody of mail is accomplished by ensuring that adequate controls are in place to allow mailers to confirm that their mail is in the immediate charge and control of authorized USPS personnel throughout the mail lifecycle, from collection to delivery. The ability of mailers to determine who has custody of their mail varies based on mail class, type, extra services, tracking numbers, and postage such as Registered Mail and Certified Mail markings and labels.

A unique tracking number can be associated with specific classes and types of mail. Mail for which tracking numbers are assigned includes Certified Mail, Registered Mail, Priority Mail Express, delivery confirmation, and signature confirmation. Mailers receive a tracking number for Priority Mail automatically if they use a PC Postage system such as Click-N-Ship, or they can buy one at a Post Office.

Acceptance personnel located at acceptance offices are responsible for verifying that the mail presented to them meets custody standards for the mail class, type, and extra services.

Registered Mail is the most secure transportation and delivery service offered by the USPS. The rules and procedures for handling valuable Registered Mail, such as shipments of cash, require that every transfer of custody is documented by chain-of-custody receipts so that individual accountability can be determined at all times. Registered Mail has the most rigorous custody requirements and controls, including the following [DMM 503.2.2.1, pg. 769]:
• A system of receipts monitors the movement of the mail from the point of acceptance to delivery.
• The sender is provided with a mailing receipt and, upon request, electronic verification that an article was delivered or that a delivery attempt was made.
• USPS maintains a record of delivery (which includes the recipient's signature) for a specified period of time.
• Mailers may obtain a delivery record by purchasing return receipt service. Collect on delivery, delivery confirmation, and signature confirmation services are also available [DMM 503.2.2.1, pg. 769].
• Acceptance employees must keep Registered Mail in a secure place (locked drawer, cabinet, safe, or registry section) until accountability is transferred hand-to-hand to the designated dispatch employee. Access to the item must be limited to a single individual. Shared access is strictly prohibited. Individual employee accountability of Registered Mail must be maintained at all times.
• Registered Mail is transferred from one individual to another on the appropriate form and must be signed for by the receiving individual at the time of transfer. Additional transfer of accountability standards are described in Handbook DM-901 Registered Mail [HB DM-901].
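The receipt discipline above (a signed receipt for every hand-to-hand transfer, and a single accountable individual at all times) can be checked mechanically once the receipts are recorded. The following is an added example, not code from this note or from any USPS system: it verifies that the receipts recorded for one article form an unbroken chain starting with the accepting employee, that each receipt is signed by the individual taking custody, and it names the accountable holder at any instant. The field names, employee identifiers, the tracking number, the 12-hour stall threshold and the sample receipts are assumptions made for the example.

```python
"""Chain-of-custody receipt verifier for an accountable article.

Added example, not from the CERT-RMM note or any USPS system. It models
the Registered Mail rules: every transfer is recorded on a receipt, the
receiving individual signs it, and exactly one individual is accountable
at any moment. Field names, employee IDs, the 12-hour stall threshold and
the sample receipts are constructed for illustration.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Receipt:
    article: str        # tracking number of the accountable article
    giver: str          # employee releasing custody
    receiver: str       # employee taking custody (must be the signer)
    signed_by: str      # signature captured on the transfer form
    at: datetime        # time of the hand-to-hand transfer


def verify_chain(receipts, origin, max_gap=timedelta(hours=12)):
    """Return a list of findings; an empty list means the chain is intact.

    origin:  employee who accepted the article from the mailer, so the
             first receipt must show that person releasing custody.
    max_gap: longest interval tolerated between transfers before the
             article is flagged as possibly stalled (assumed threshold).
    """
    if not receipts:
        return ["no receipts: custody cannot be established"]
    findings = []
    chain = sorted(receipts, key=lambda r: r.at)
    articles = {r.article for r in chain}
    if len(articles) != 1:
        findings.append(f"receipts mix articles: {sorted(articles)}")
    if chain[0].giver != origin:
        findings.append(f"chain does not start with accepting employee {origin} "
                        f"(first release by {chain[0].giver})")
    prev = None
    for i, r in enumerate(chain):
        # The receiving individual, and only that individual, signs the form.
        if r.signed_by != r.receiver:
            findings.append(f"receipt {i}: signed by {r.signed_by}, not the receiver {r.receiver}")
        if r.giver == r.receiver:
            findings.append(f"receipt {i}: giver and receiver are the same ({r.giver})")
        if prev is not None:
            # Continuity: whoever last took custody must be the one releasing it.
            if r.giver != prev.receiver:
                findings.append(f"receipt {i}: custody gap, {prev.receiver} held the article "
                                f"but {r.giver} released it")
            if r.at <= prev.at:
                findings.append(f"receipt {i}: timestamp not after previous transfer")
            elif r.at - prev.at > max_gap:
                findings.append(f"receipt {i}: {r.at - prev.at} between transfers exceeds {max_gap}")
        prev = r
    return findings


def custodian_at(receipts, origin, when):
    """Name the single individual accountable for the article at time `when`."""
    holder = origin
    for r in sorted(receipts, key=lambda r: r.at):
        if r.at <= when:
            holder = r.receiver
    return holder


# Constructed sample receipts for one article (the identifier is illustrative).
T0 = datetime(2014, 8, 1, 9, 0)
ART = "RA123456789US"
GOOD = [
    Receipt(ART, "E1001", "E2002", "E2002", T0 + timedelta(hours=1)),
    Receipt(ART, "E2002", "E3003", "E3003", T0 + timedelta(hours=3)),
]
# Second receipt is signed by the giver instead of the receiver; the third
# shows a release by an employee who never signed for the article.
BAD = [
    Receipt(ART, "E1001", "E2002", "E2002", T0 + timedelta(hours=1)),
    Receipt(ART, "E2002", "E3003", "E2002", T0 + timedelta(hours=3)),
    Receipt(ART, "E4004", "E5005", "E5005", T0 + timedelta(hours=4)),
]

if __name__ == "__main__":
    print("good chain:", verify_chain(GOOD, origin="E1001"))
    for finding in verify_chain(BAD, origin="E1001"):
        print("FINDING:", finding)
    print("holder two hours after acceptance:",
          custodian_at(GOOD, "E1001", T0 + timedelta(hours=2)))
```

Run stand-alone, the intact chain yields no findings and the broken one yields two: a receipt not signed by its receiver and a release by someone who never took custody. The continuity rule (the previous receiver must be the next giver) is what makes the answer to "who was accountable at time t" unambiguous; without it, custodian_at would silently pick whoever appears last.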

Mailpieces that are not marked in accordance with custody standards and whose custody postage does not sufficiently reflect the type, class, extra services, and attributes of the mailpiece to which they are affixed are handled as discrepancies as described in MI:SG5, Manage Mail Discrepancies During Induction.

The identification and mitigation of mail custody risks that may result from incorrect or missing mail custody postage are addressed in MI:SG3, Manage Risks to Mail During Induction, and in the Risk Management process area.

Typical Work Products
1. Mail custody controls (including the responsible party)
2. Traceability matrix of standards, policies, operating procedures, and other specifications and mail custody controls
3. Mail custody control gaps
4. Mail custody control updates
5. Discrepancies identified by mail custody controls

Subpractices
1. Establish and implement mail custody controls in accordance with standards.
Ensure that controls are adequate to identify mail custody postage that is insufficient or fraudulent, or any additional discrepancies. Examples of such controls could include
o manual inspection
o confirmation that a specific mailing and its companion electronic documentation is (or is not) associated with a specific and authorized mailer
o the use of postage scanning systems (such as the Advanced Facer Canceler System (AFCS), Delivery Bar Code Sorter (DBCS), Automated Parcel Processing System (APPS), and Passive Adaptive Scanning System (PASS); scans from some of these systems are imported into the Total Revenue Protection (TRP) system for further analysis)

2. Confirm or assign responsibility for implementing custody controls.
Confirmation is required for existing and updated controls. Assignment is required for new controls.
3. Develop a bidirectional traceability matrix that maps standards and custody controls.
4. For standards that are not addressed by custody controls, identify and manage the risks associated with control gaps as described in MI:SG3, Manage Risks to Mail During Induction.
5. Regularly review and assess the effectiveness of custody controls and update or retire controls as needed.
As standards, services, processes, and technologies change, gaps and redundancies may arise between mail custody standards and the controls established to satisfy them. (Refer to CTRL:SG4.SP1 for further information about periodically assessing and adjusting controls.)
6. Identify discrepancies identified by mail custody controls.
Refer to MI:SG5, Manage Mail Discrepancies During Induction, for the handling of discrepancies identified by mail custody controls.
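Subpractices 3 to 5 recur in the same form for availability, sanctity, custody and visibility controls: build a traceability matrix that can be read in both directions, treat standards that no control addresses as gaps to hand to MI:SG3, and re-examine controls as standards change. The block below is an added example, not part of the note, that does exactly that bookkeeping. The standard identifiers are clauses cited earlier in this process area; the control names and the links between standards and controls are constructed for illustration and do not describe actual USPS mappings.

```python
"""Bidirectional traceability between standards and controls.

Added example, not from the CERT-RMM note. It implements subpractices 3 to 5
as they recur in MI:SG4.SP1 through SP4: a matrix readable from standard to
control and from control to standard, the standards no control addresses
(gaps for MI:SG3), the controls that trace to no standard (candidates to
retire), and what a withdrawn standard leaves behind. Standard identifiers
are clauses the note cites; control names and links are constructed.
"""


def build_matrix(standards, controls, links):
    """links: iterable of (standard_id, control_id) pairs.

    Returns (std_to_ctl, ctl_to_std, findings); findings lists links that
    name a standard or control missing from the inventories.
    """
    std_to_ctl = {s: set() for s in standards}
    ctl_to_std = {c: set() for c in controls}
    findings = []
    for s, c in links:
        if s not in std_to_ctl:
            findings.append(f"link references unknown standard {s}")
        elif c not in ctl_to_std:
            findings.append(f"link references unknown control {c}")
        else:
            std_to_ctl[s].add(c)
            ctl_to_std[c].add(s)
    return std_to_ctl, ctl_to_std, findings


def gaps(std_to_ctl):
    """Standards with no control: manage the resulting risk under MI:SG3."""
    return sorted(s for s, cs in std_to_ctl.items() if not cs)


def orphans(ctl_to_std):
    """Controls that satisfy no current standard: review for retirement."""
    return sorted(c for c, ss in ctl_to_std.items() if not ss)


def withdraw_standard(std_to_ctl, ctl_to_std, standard):
    """Model a standard being withdrawn (subpractice 5) and return the
    controls that afterwards trace to no remaining standard."""
    released = std_to_ctl.pop(standard, set())
    newly_orphaned = []
    for c in sorted(released):
        ctl_to_std[c].discard(standard)
        if not ctl_to_std[c]:
            newly_orphaned.append(c)
    return newly_orphaned


def render_matrix(std_to_ctl, controls):
    """Plain-text matrix: one row per standard, one column per control."""
    cols = sorted(controls)
    width = max((len(s) for s in std_to_ctl), default=0)
    lines = [" " * width + "  " + "  ".join(cols)]
    for s in sorted(std_to_ctl):
        cells = ["X".center(len(c)) if c in std_to_ctl[s] else " " * len(c) for c in cols]
        lines.append(s.ljust(width) + "  " + "  ".join(cells))
    return "\n".join(lines)


# Standards: clauses cited in this process area. Controls and links: constructed.
STANDARDS = ["ASM 273.121", "ASM 278.11", "POM 573.1", "DMM 503.2.2.1"]
CONTROLS = ["visitor-escort", "box-locks", "cctv", "registry-receipts", "tin-band-seals"]
LINKS = [
    ("ASM 273.121", "visitor-escort"),
    ("ASM 273.121", "cctv"),
    ("ASM 278.11", "box-locks"),
    ("DMM 503.2.2.1", "registry-receipts"),
]

if __name__ == "__main__":
    fwd, back, problems = build_matrix(STANDARDS, CONTROLS, LINKS)
    print(render_matrix(fwd, CONTROLS))
    print("link problems:", problems)
    print("gaps (standard with no control):", gaps(fwd))
    print("orphans (control with no standard):", orphans(back))
    print("orphaned if ASM 273.121 is withdrawn:",
          withdraw_standard(fwd, back, "ASM 273.121"))
```

The two maps are kept in step so that the same data answers both questions the subpractices ask: "which standard is uncovered" from the forward map and "which control no longer earns its keep" from the backward map. withdraw_standard is the change-impact step; in the constructed data, withdrawing the escort clause leaves both the escort control and the CCTV control without a justifying standard, which is the redundancy subpractice 5 warns about.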

MI:SG4.SP4 Control Visibility of Mail During Induction
Controls are established and maintained to assure visibility of mailpieces during induction in accordance with standards.

Visibility of mail from the time and location of mail acceptance to the time and location of mail delivery is based on mail class, type, extra services, and postage affixed including barcodes. Mail visibility standards are primarily specified in the DMM and the POM. Informative material on mail visibility for Intelligent Mail is available on the USPS and Rapid Information Bulletin Board System (RIBBS) [5] websites.

Visibility of mail may also be established by the type of postage that appears on each mailpiece. Types of postage include stamps, prepaid stationery and packaging, postage evidencing systems (which include meter imprints and PC postage products such as Click-N-Ship and stamps.com), and permit imprint mail (refer to the Mail Revenue Assurance process area for more details). Meter imprint mail may contain postage that includes IBI. The information contained in IBI and barcodes may be used to establish and manage visibility of mailpieces. Mailpieces may also contain postage that includes an IMb. The information contained in IMbs may be used to establish and manage visibility of mailpieces.

For satisfying standards, policies, operating procedures, and other specifications that relate to and affect the visibility of mail, the focus is on the controls that demonstrate the satisfaction of such standards, provide confidence that they are being followed, and reduce the risks that would result in inadequate or missing visibility of mailpieces as required. The visibility of mail is accomplished by ensuring that adequate controls are in place to allow mailers to follow the progress of their mail through the mail lifecycle, from acceptance to delivery. The ability of mailers to track their mail varies based on mail class, type, extra services, tracking numbers, and postage such as IBI and IMb.

Accountable mail has more visibility requirements and controls than other classes and types of mail such as Priority or First-Class Mail without extra services. Accountable mail is mail that requires the signature of the addressee or addressee's agent upon receipt to provide evidence of delivery or indemnification for loss or damage. Accountable mail includes Priority Mail Express and extra services such as Certified Mail, Collect on Delivery, mail insured for more than $200, Registered Mail, return receipt, and signature confirmation [Pub 32].

A unique tracking number can be associated with specific classes and types of mail. Mail for which tracking numbers are assigned includes Certified Mail, Registered Mail, Priority Mail Express, delivery confirmation, and signature confirmation. Mailers receive a tracking number for Priority Mail automatically if they use a PC Postage system such as Click-N-Ship, or they can buy one at a Post Office.

Acceptance personnel located at acceptance offices are responsible for verifying that the mail presented to them meets visibility standards for the mail class, type, and extra services.

Intelligent Mail products and services use machine-readable barcodes to uniquely identify mail, which allows large business mailers to track their mail. In addition, this information helps the USPS and businesses better manage their resources, reduce operating and marketing expenses, adapt to market conditions, increase efficiencies, and be more responsive to customers. Barcodes also provide the ability to perform operational service analytics, generate customer level data for pricing, and assure revenue [Cochrane 2012], [8], [9].

The USPS Intelligent Mail program [8] requires the use of a unique, trackable barcode applied to letters, postcards and flat mailpieces (First-Class, Periodicals, Standard Mail), trays, sacks, and containers, such as pallets, as well as the submission of electronic mailing documentation. Currently defined barcodes include the following [Pub 32]:
• Intelligent Mail barcode (IMb) for letters and flats
• Intelligent Mail package barcode (IMpb) for packages
• Intelligent Mail tray barcode (IMtb) for trays and sacks
• Intelligent Mail Container barcode (IMcb) for containers and pallets

The suite of Intelligent Mail barcodes identifies the owner and sender of a mailpiece, identifies the mailpiece or the mail aggregate (multiple mailpieces that are aggregated into a single mailing at the bundle, tray, sack, or container level), encodes product or service requests on mailpieces or mail aggregates, and provides sorting and routing information [9].

Mailers can track their Intelligent Mail by using the IMb tracking service. Mailers identify their mail by placing an IMb on their letter and flat mailpieces. As mailpieces with an IMb are processed on USPS sorting equipment, records are created containing the IMb, processing facility, operation number, and processing date and time. These records are electronically forwarded to mailers or available on a USPS website for manual download [10].

Scanning is a fundamental control for mail visibility. Scan events (also referred to as track events) for mail based on mail type, class, extra services, and postage may include all or some of the following [Cochrane 2012]:
• electronic shipping information received from the mailer
• mail acceptance
• mail departs Post Office/BMEU (dispatched to sort facility)
• mail arrives at sort facility
• mail processed through USPS sort facility (enroute)
• mail departs USPS sort facility
• mail arrives at USPS sort facility (destination)
• mail processed through delivery USPS sort facility (enroute)
• mail departs USPS sort facility
• mail arrives at Post Office
• mail processing complete
• mail out for delivery
• mail delivered

The objectives for the visibility of Intelligent Mail include a legible, scannable barcode on every mailpiece, visibility of mailpieces from acceptance to delivery, 10 to 12 tracking events per mailpiece, and scan performance that is 99% accurate and available in real time [Cochrane 2012].
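The scan events listed above, together with the earlier observation under availability that visibility scans show whether a piece is still in the mailstream and whether it has been delayed, lend themselves to an automated check. The block below is an added example, not from this note or from any USPS system: it takes scan records shaped like those the IMb tracking service produces (identifier, facility, event, time) and reports, per mailpiece, whether the events arrived in the expected order, which stages were never scanned, whether the piece has been silent long enough to count as delayed, and whether it met the 10-to-12-event objective. The stage names are adapted from the list above; the facility codes, identifiers, records and the 36-hour silence threshold are constructed for the example.

```python
"""Mail-visibility scan-chain monitor.

Added example, not from the CERT-RMM note or any USPS system. Stage names
are adapted from the note's list of track events; the records, facility
codes, identifiers and the 36-hour silence threshold are constructed.
"""
from collections import defaultdict
from datetime import datetime, timedelta

STAGES = [
    "shipping info received",     # optional: present only when the mailer sends it
    "acceptance",
    "departed origin office",
    "arrived origin sort facility",
    "processed origin sort facility",
    "departed origin sort facility",
    "arrived destination sort facility",
    "processed destination sort facility",
    "departed destination sort facility",
    "arrived delivery office",
    "processing complete",
    "out for delivery",
    "delivered",
]
RANK = {name: i for i, name in enumerate(STAGES)}
FIRST_REQUIRED = RANK["acceptance"]


def assess(events, now, silence=timedelta(hours=36)):
    """events: iterable of (piece_id, facility, event, datetime) tuples.
    Returns {piece_id: {"status", "last_event", "events", "skipped", "issues",
    "objective_met"}}; objective_met is the note's 10-to-12-events target."""
    by_piece = defaultdict(list)
    for piece, facility, event, ts in events:
        by_piece[piece].append((ts, facility, event))
    report = {}
    for piece, evs in by_piece.items():
        evs.sort()                               # chronological
        issues, seen, last_rank = [], set(), -1
        for ts, facility, event in evs:
            rank = RANK.get(event)
            if rank is None:
                issues.append(f"unknown event '{event}' at {facility}")
                continue
            if rank < last_rank:                 # a later stage was already scanned
                issues.append(f"'{event}' at {facility} scanned after a later stage")
            seen.add(rank)
            last_rank = max(last_rank, rank)
        # Required stages before the furthest stage seen that were never scanned.
        skipped = [STAGES[i] for i in range(FIRST_REQUIRED, last_rank) if i not in seen]
        last_ts, last_facility, last_event = evs[-1]
        if last_event == "delivered":
            status = "delivered"
        elif now - last_ts > silence:
            status = "delayed"
            issues.append(f"no scan for {now - last_ts} since '{last_event}' at {last_facility}")
        else:
            status = "in transit"
        report[piece] = {
            "status": status, "last_event": last_event, "events": len(evs),
            "skipped": skipped, "issues": issues,
            "objective_met": status == "delivered" and len(evs) >= 10 and not issues,
        }
    return report


T = datetime(2014, 8, 4, 8, 0)


def h(hours):
    return T + timedelta(hours=hours)   # timestamp `hours` after the constructed start


# Constructed records: A is a clean delivered chain, B went silent after origin
# processing, C shows a destination scan before its origin processing scan.
EVENTS = [
    ("A", "ORIG-PO", "acceptance", h(0)),
    ("A", "ORIG-PO", "departed origin office", h(6)),
    ("A", "ORIG-PDC", "arrived origin sort facility", h(9)),
    ("A", "ORIG-PDC", "processed origin sort facility", h(11)),
    ("A", "ORIG-PDC", "departed origin sort facility", h(14)),
    ("A", "DEST-PDC", "arrived destination sort facility", h(24)),
    ("A", "DEST-PDC", "processed destination sort facility", h(26)),
    ("A", "DEST-PDC", "departed destination sort facility", h(30)),
    ("A", "DEST-PO", "arrived delivery office", h(33)),
    ("A", "DEST-PO", "processing complete", h(34)),
    ("A", "DEST-PO", "out for delivery", h(48)),
    ("A", "DEST-PO", "delivered", h(52)),
    ("B", "ORIG-PO", "acceptance", h(0)),
    ("B", "ORIG-PDC", "arrived origin sort facility", h(9)),
    ("B", "ORIG-PDC", "processed origin sort facility", h(11)),
    ("C", "ORIG-PO", "acceptance", h(0)),
    ("C", "DEST-PDC", "processed destination sort facility", h(20)),
    ("C", "ORIG-PDC", "processed origin sort facility", h(22)),
]
NOW = h(60)

if __name__ == "__main__":
    for piece, entry in sorted(assess(EVENTS, NOW).items()):
        print(piece, entry["status"], f"{entry['events']} events",
              "skipped:", entry["skipped"], "issues:", entry["issues"])
```

Two design points matter for using this as a control. First, "skipped" is computed only up to the furthest stage actually seen, so a piece in transit is not blamed for stages it has not reached yet; only a piece with a destination scan and no origin scan is flagged. Second, a regression (an earlier stage scanned after a later one) is reported as an issue rather than silently reordered, because in practice that pattern is how a mis-labelled or substituted piece first shows up, and it is exactly the discrepancy MI:SG5 expects the visibility controls to surface.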

Mailpieces that are not marked in accordance with visibility standards and whose visibility postage does not sufficiently reflect the type, class, extra services, and attributes of the mailpiece to which they are affixed are handled as discrepancies, as described in MI:SG5, Manage Mail Discrepancies During Induction.

The identification and mitigation of mail visibility risks that may result from incorrect or missing mail visibility postage are addressed in MI:SG3, Manage Risks to Mail During Induction, and in the Risk Management process area.

Typical Work Products
1. Mail visibility controls (including the responsible party)
2. Traceability matrix of standards, policies, operating procedures, and other specifications and mail visibility controls
3. Mail visibility control gaps
4. Mail visibility control updates
5. Discrepancies identified by mail visibility controls


Subpractices
1. Establish and implement mail visibility controls in accordance with standards.
Ensure that controls are adequate to identify mail visibility postage that is insufficient or fraudulent, or any additional discrepancies. Examples of such controls could include
o manual inspection
o confirmation that a specific mailing and its companion electronic documentation is (or is not) associated with a specific and authorized mailer
o the use of postage scanning systems (such as the Advanced Facer Canceler System (AFCS), Delivery Bar Code Sorter (DBCS), Automated Parcel Processing System (APPS), and Passive Adaptive Scanning System (PASS); scans from some of these systems are imported into the Total Revenue Protection (TRP) system for further analysis)

    2. Confirm or assign responsibility for implementing visibilit